1Y0-440 Real Exam Questions

A Citrix Architect needs to deploy three VPX instances on NetScaler SDX 11500 device to meet the following design requirements: * Three (3) VPX instances must be provisioned on the SDX device. * Instance 1 must be dedicated for deploying NetScaler Gateway virtual server. * Instance 2 must be utilized for deploying load-balancing virtual servers for XML, Director, StoreFront, and Active Directory servers. * Instance 3 must be utilized for deploying the test environment, NetScaler Gateway virtual server, load balancing virtual servers for XML, Director, StoreFront and Active Directory servers must be configured. How many IP addresses will be required to meet these design requirements?

Scenario: A Citrix Architect has set up NetScaler MPX devices in high availability mode with version 12.0.53.13 nc. These are placed behind a Cisco ASA 5505 Firewall. The Cisco ASA firewall is configured to block traffic originating from internal. The network devices administration (NAT) also performed on the firewall. The following requirements were captured by the architect during the discussion held as part of the NetScaler security implementation project with the customer's security team: The NetScaler MPX device: * Should block any type of traffic either on a specific virtual entity or on the device. It should be able to mitigate the attacks from a hostile client sending a flood of requests. The NetScaler device should be able to stop the HTTP, TCP, and DNS based requests. * Should block unsolicited e-mail from reaching servers. * needs to queue all the incoming requests on the virtual server level instead of the service level. * Should provide protection against obfuscated attack by hackers, unknown malicious characters, centrally managed automated botnets, compromised webservers, known spammers/hackers, and phishing proxies. * Should provide protection to the internal servers and it will only check inspections for the requests originating from a specific geolocation database. * Should block the traffic based on a pre-determined header length, URL length, and cookie length. The device should ensure that characters such as a single backslash () in a URL request, a double-byte character in the URL request, or dropped while being sent to the backend server. Which security feature should the architect configure to meet these requirements?

Scenario: A Citrix Architect needs to assess an existing NetScaler configuration. The customer recently found that members of certain administrator groups were receiving permissions on the production NetScaler appliances that do NOT align with the designed security requirements. Click the Exhibit button to view the configured command policies for the production NetScaler deployment. To align the command policy configuration with the security requirements of the organization, the ________ for ________ should change. (Choose the correct option to complete the sentence.)

Scenario: A Citrix Architect has deployed an authentication setup with a ShareFile load-balancing virtual server. The NetScaler is configured as the Service Provider and Portalguard server is utilized as the SAML Identity Provider. While performing the functional testing, the architect finds that after the users enter their credentials on the Portalguard page by Portalguard, they get redirected back to the NetScaler Gateway page at url https://authn/fed/sps/login and receive the following error: "SAML Assertion verification failed. Please contact your administrator." The events in the nslog.log file for the issue are as follows: Feb 23 20:20:21 <loca10.err> 10.148.138.5 23/02/2018:20:20:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225369 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:21 <loca10.err> 10.148.138.5 23/02/2018:20:20:21 GMT vorsb1 0-PPE-0 : default AAATM Message 3225370 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" Feb 23 20:20:44 <loca10.err> 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225373 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:44 <loca10.err> 10.148.138.5 23/02/2018:20:35:44 GMT vorsb1 0-PPE-0 : default AAATM Message 3225374 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" Feb 23 20:20:55 <loca10.err> 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225378 0 : "SAML : ParseAssertion: parsed attribute NameID, value is nameid" Feb 23 20:20:55 <loca10.err> 10.148.138.5 23/02/2018:20:37:55 GMT vorsb1 0-PPE-0 : default AAATM Message 3225379 0 : "SAML: verify digest: algorithma differ, expected SHA2, found SHA256" What should the architect change in the SAML action to resolve this issue?

Which NetScaler Management and Analytics System (NMAS) utility can a Citrix Architect utilize to verify the configuration template created by the NMAS architect is also actually executing it on the NetScaler?